Solved

Setting Up Active Directory Domain Services in Windows 2008 R2 Server

Posted on 2012-04-03
8
547 Views
Last Modified: 2012-08-13
Had a look at a few articles on here regarding this but am still a bit unsure.
I have run the active directory installation wizard and created a new domain,
does the FQDN have to be in lower case or does it not matter? I have used
mycompanydomain.lan is this the correct way. I am having a play around with
Windows Server 2008 R2 so in the forest function level do I select this option.

Also Should the Database , Log Files and SYSVOL be left with the default settings
and I've noticed that after you run the ADDS wizard the use the following dns
server address has been changed to 127.0.0.1 does this need changing back to
the address of the server? or will adding the DHCP server role do it.
Finally are there any other settings in this area that need adding/tweaking to ensure
everything works correctly.

Thanks
0
Comment
Question by:floyd197
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
8 Comments
 
LVL 9

Expert Comment

by:Geodash
ID: 37802290
So this will be your first AD Domain, or are you building a new one? DO you have a current one?

best practice is mycoompanydomain.local for internal domain name.
0
 

Author Comment

by:floyd197
ID: 37802402
Yes it will be a new one
0
 
LVL 9

Assisted Solution

by:Geodash
Geodash earned 250 total points
ID: 37802437
I would leave sysvol, DNS and everything where it is if it is a DC. It will put it where it needs. Also, if it is a DC, it changes the DNS to 127.0.0.1 of the local server, 127.0.0.1 is the local loopback address of the network card, normal behavior and what it should do.

I dont think you will have any issues, run a dcpromo, let it do its thing, ...done
0
Salesforce Has Never Been Easier

Improve and reinforce salesforce training & adoption using WalkMe's digital adoption platform. Start saving on costly employee training by creating fast intuitive Walk-Thrus for Salesforce. Claim your Free Account Now

 
LVL 31

Accepted Solution

by:
Justin Owens earned 250 total points
ID: 37802462
I always struggle when I see someone post "best practice" without posting a supporting link.  Best practice in one scenario might be completely different than in another.  For example, if you use MACs in your environment, then using .local will cause problems you may not want to have to address (http://support.apple.com/kb/ts3248).  It is because of that, I recommend .corp rather than .local.  But again, this is just my personal preference, not a "best practice."  For Microsoft official "best practice" in domain naming, see here: http://support.microsoft.com/kb/909264.  Using .lan is perfectly acceptable per their recommendations.

On your DC, leave 127.0.0.1 as the primary DNS so it will always look to itself first.  This is important for the stability of AD.  You can add DHCP, but that is for a completely different purpose.  In your DHCP scope you will want the DNS IP To be the server's IP address within your LAN which other machines use to connect to it.

As to other settings for tweaking.... Make sure you have properly defines your subnets in Sites and Services and moved the correct DCs to each subnet (if you use more than one Site).  AD can be as easy or as complicated as you want to make it.

DrUltima
0
 
LVL 31

Expert Comment

by:Justin Owens
ID: 37802476
As an addendum, I always move my AD protected folders to a different partition.  Windows goes through and locks them down, and they are heavily access.  I have found performance increase by moving them.  Again this is personal preference, not best practice.  What you should not do is move them once you have used DCPROMO (or the Wizard) to create them.

DrUltima
0
 

Author Comment

by:floyd197
ID: 37825217
Thanks, had a go at that and everything seems ok. I want things to be as simple as possible
really just setting the server up for use in a small business.
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37825223
Hope it works well for you Floyd197
0
 
LVL 31

Expert Comment

by:Justin Owens
ID: 37827490
floyd197,

I am glad everything seems OK for you.  If you have successfully implemented your DC, please feel free to go ahead and close this Question.  If you need assistance with closing a Question, a good starting point is here:

http://www.experts-exchange.com/help/viewHelpPage.jsp?helpPageID=24

Respectfully,

DrUltima
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
Citrix XenApp, Internet Explorer 11 set to Enterprise Mode and using central hosted sites.xml file.
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question